Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2018-17207

Published: 19/09/2018 Updated: 18/10/2021
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

An issue exists in Snap Creek Duplicator prior to 1.2.42. By accessing leftover installer files (installer.php and installer-backup.php), an attacker can inject PHP code into wp-config.php during the database setup step, achieving arbitrary code execution.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

snapcreek duplicator

Github Repositories

https://github.com/cved-sources/cve-2018-17207

cve-2018-17207

CVE-2018-17207 This is part of Cved: a tool to manage vulnerable docker containers Cved: githubcom/git-rep-src/cved Image source: githubcom/cved-sources/cve-2018-17207 Image author: githubcom/cved-sources/cve-2018-17207

References

CWE-94https://www.synacktiv.com/ressources/advisories/WordPress_Duplicator-1.2.40-RCE.pdfhttps://snapcreek.com/duplicator/docs/changelog/?litehttps://nvd.nist.govhttps://github.com/cved-sources/cve-2018-17207
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078CVE-2024-37896code injectionCVE-2024-3080CVE-2024-5172cross-site request forgeryCVE-2024-6111firmwareCVE-2024-38504
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook